When you send mail with PHP’s mail command, the mail is sent via the localhost sendmail system and the envelope sender (Return-Path header) is always something like user@host.dreamhost.com. This is true even if you add From headers with your domain to the mail.

So, when SPF checking is applied, it will test using the envelope sender domain – dreamhost.com, not your domain. You’re domain’s SPF record will be ignored.

Now, dreamhost.com does not have an SPF record, so you might be wondering how Gmail is detecting a softfail. The key is to notice that the Gmail softfail message uses the phrase “best guess record”. Gmail uses a heuristic system to create best-guess SPF records for domains that don’t use SPF (described in the paper: http://www.ceas.cc/2006/19.pdf)

Since Gmail is using a best-guess for dreamhost.com’s SPF record, the guess is sometimes wrong and you will see a softfail. Possibly your mail is sometimes being routed thru a new mailhub server, and Gmail hasn’t added that server to the best-guess SPF record yet. You may see the softfail disappear after a while.

Ok, so I hope that explains the problem, now a possible solution (note, I haven’t test the solution):

One solution would be to switch from PHP’s mail to a SMTP mailer, like PHPmailer (http://wiki.dreamhost.com/PHPmailer_example). Because an SMTP mailer is directly talking to a mail server, it can set the envelope-sender to be the same as the From address (PHPmailer does this automatically, or you can set them any way you want), so you can have your domain as the envelope-sender rather then dreamhost.com.

You have various choices about how to setup an SMTP mailer. You might be able to use localhost or your assigned DreamHost SMTP server. In this case, the “ptr:dreamhost.com” rule in your SPF will cover these emails.

Alternatively, you could send the email directly thru Google (via smtp.google.com) using your Google user and password. In this case, you could simplify your SPF record to just mirror Googles: “include:_spf.google.com ~all”

There are probably other solutions – the key is the ability to set the evenlope-sender (Return-Path) to your domain.

I hope that helps - Chuck[hr]
Just a followup: It is possible to set the envelope sender using PHP’s built-in mail command. You just have to add sendmail’s -F/-f options to the 5th additional-options parameter:

SPF allows mailbox-providers to more accurately calculate the reputations of envelope-domains and mail servers. This can cut both ways.

For example, if users flag email from example.com as spam, then SPF allows the mailbox-provider to more precisely say: “example.com is a spammer”, because example.com’s SPF record can be used to rule out the possibility that the domain is the innocent victim of spoofing.

You should add SPF records to all your email and ask that anyone who receives it in their spam folder mark it as not being spam so that their mail provider’s system learns that email from you is okay for regular delivery.